CUCM 8.x – Block Inbound Calls by ANI (Calling Number)

Posted 2015/10/07 by packetfu
Categories: Cisco, Technology

If you are using SIP or H.323 gateways, it is quite simple to block inbound or outbound calls at the gateway based on ANI (Calling Number) or DNIS (Called Number); the dial peer configuration can match based on either. However, many CUCM deployments run MGCP gateways because they are easier to manage when the voice guys are not network guys. Prior to CUCM 8.x, you could only block calls based on the DNIS if you used MGCP gateways. There is a feature in CUCM 8.x and higher that allows you to block calls based on ANI *or* DNIS, even if you are using MGCP gateways: Route Next Hop by Calling Party.

“Route Next Hop by Calling Party” is an option that can be applied to Translation Patterns in CUCM 8.x and higher. In order to block calls based on ANI, you will need to add 2 partitions and 2 calling search spaces:

  • Partitions – InboundCalls_PT, FilterList_PT
  • Gateway_CSS – contains InboundCalls_PT
  • FilterList_CSS – contains FilterList_PT

You will also need to add several translation patterns:

  • “!” – InboundCalls_PT – Route Next Hop by Calling Party – CSS: FilterList_CSS – use ANI to match the next step using the FilterList_CSS
  • “!” – FilterList_PT – CSS: Internal_CSS – this matches all calls without a more specific match
  • “” (blank) – FilterList_PT – CSS: Internal_CSS – this matches all calls without an ANI, i.e. if caller ID is blocked or unavailable

The Gateway_CSS is assigned to your inbound connection (SIP trunk, PRI, FXO, etc.) and the FilterList_CSS is used by translation patterns to route calls through the list of blocked patterns. At this point your call flow will look something like this:

Gateway_CSS
  InboundCalls_PT
    Translation Pattern
      “!” – route all calls
      Route next hop by calling party
      CSS: FilterList_CSS

FilterList_CSS
  FilterList_PT
    Translation Pattern
      “!” – route all calls not specifically blocked
      CSS: Internal_CSS
    Translation Pattern
      “” (blank) – route all calls without Caller ID
      CSS: Internal_CSS

In order to block numbers, simply add translation patterns to the FilterList_PT that match the ANI (Calling Number) and choose “Block this pattern”.
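The two-stage lookup above can be traced with a small model. This is an added example, not CUCM code or anything from the original post: it handles only literal digits, “X” and “!”, approximates closest-match selection by preferring literals over “X” over “!”, and the two blocked numbers are constructed sample values.

```python
import re

def to_regex(pattern):
    """Translate a CUCM-style pattern into a regex (X = one digit, ! = one or more)."""
    parts = {"X": r"\d", "!": r"\d+"}
    return re.compile("".join(parts.get(ch, re.escape(ch)) for ch in pattern))

def specificity(pattern):
    """Rank patterns: no "!" beats "!", then more literal digits, then more X."""
    literals = sum(1 for ch in pattern if ch not in "X!")
    return ("!" not in pattern, literals, pattern.count("X"))

def best_match(partition, digits):
    """Return the most specific entry whose pattern matches all of `digits`."""
    hits = [e for e in partition if to_regex(e["pattern"]).fullmatch(digits)]
    return max(hits, key=lambda e: specificity(e["pattern"]), default=None)

# FilterList_PT: the two catch-all patterns from the post plus two block
# entries. The blocked numbers are constructed sample values.
FILTER_LIST_PT = [
    {"pattern": "!", "block": False, "css": "Internal_CSS"},
    {"pattern": "", "block": False, "css": "Internal_CSS"},
    {"pattern": "2145550100", "block": True, "css": None},
    {"pattern": "900XXXXXXX", "block": True, "css": None},
]

def route_inbound(ani, dnis):
    """Follow a call arriving with Gateway_CSS through both lookups."""
    # Stage 1: "!" in InboundCalls_PT matches on the called number (DNIS).
    if not to_regex("!").fullmatch(dnis):
        return ("no-match", None)
    # Stage 2: Route Next Hop by Calling Party, so FilterList_CSS is searched
    # with the calling number (ANI) instead of the called number.
    entry = best_match(FILTER_LIST_PT, ani)
    if entry is None:
        return ("no-match", None)
    if entry["block"]:
        return ("blocked", entry["pattern"])
    return ("route", entry["css"])

if __name__ == "__main__":
    for ani in ["2145550100", "9005551234", "4695550123", ""]:
        print(repr(ani), route_inbound(ani, "5551000"))
```

Without the blank pattern in FilterList_PT, a call with no caller ID would match nothing in the second lookup, which is why the post adds it next to “!”.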

Live feed music on hold – hardware and configuration

Posted 2015/03/27 by packetfu
Categories: Cisco, Technology

Nearly every PBX in existence has some way to take outside audio and use it for music on hold.  In the past, Cisco sold a nifty little USB device (MOD-USB-AUDIO=) that would allow you to connect any audio source to a Call Manager server.  This worked great up until Call Manager 9; with Call Manager 10, all UC servers only support installation on virtual hardware.  In theory you could configure USB pass-through and add a USB device to your VM, but the audio quality is pretty poor and is not supported by Cisco.  Now what?

Windows IP conflict when there is no conflict

Posted 2013/02/20 by packetfu
Categories: Microsoft, Technology

Just had an interesting problem with a customer that seems a bit obscure, so I figured I would write it down to help someone else.  All of the other solutions to this issue focus solely on there being a problem on the Windows side, which may not necessarily be the case.

Situation: customer is setting up a Windows 2008 R2 server in a VMware cluster, on a VLAN that is sitting behind a firewall. The firewall is the gateway for the VLAN (say 192.168.34.1). When configuring the network interface on the server, picking ANY IP address in the 192.168.34.0/24 network results in the error message “Windows had detected an IP address conflict”. This happens even if there are no other devices on the VLAN aside from the firewall.

The issue? There was a static (identity) NAT entry in the Cisco ASA firewall for 192.168.34.0/24. By default, Cisco firewalls will proxy ARP for NAT entries.

  • (8.3(1), 8.3(2), and 8.4(1)) The default behavior for identity NAT has proxy ARP disabled. You cannot configure this setting.
  • (8.4(2) and later) The default behavior for identity NAT has proxy ARP enabled, matching other static NAT rules. You can disable proxy ARP if desired.

This is desirable behavior for a firewall on the edge of the network because the upstream router needs to know where to send traffic for NAT’ed hosts. For internal firewalls this can cause issues, especially with 8.4 code where you need to set up identity NAT to exempt devices from NAT.

The solution? Add “no-proxy-arp” to the end of your identity NAT statements:

nat (inside,outside) source static obj_Internal obj_Internal no-proxy-arp route-lookup

The other (less desirable) solution is to disable the ARP-checking functionality in Windows, but this means it won’t be able to detect a legitimate IP conflict. You can do this through a quick registry hack: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, create a DWORD named “ArpRetryCount” with a value of “0”.
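To find every rule that needs the fix, a saved configuration can be checked for identity NAT statements that lack “no-proxy-arp”. The following is an added example, not part of the original post: it covers only manual NAT lines in the form shown above, the sample configuration and object names are constructed, and a finding matters only on 8.4(2) and later, where proxy ARP is enabled by default for identity NAT.

```python
import re

# Manual NAT: nat (real_ifc,mapped_ifc) [after-auto] [line] source static REAL MAPPED [options]
NAT_RE = re.compile(
    r"nat\s+\((?P<real_if>[^,]+),(?P<mapped_if>[^)]+)\)\s+"
    r"(?:after-auto\s+)?(?:\d+\s+)?"
    r"source\s+static\s+(?P<real>\S+)\s+(?P<mapped>\S+)(?P<rest>.*)"
)

def find_proxy_arp_identity_nat(config_text):
    """Return identity NAT rules that will answer ARP for the whole object."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        m = NAT_RE.fullmatch(raw.strip())
        if not m or m["real"] != m["mapped"]:
            continue  # not a static manual NAT rule, or not identity NAT
        opts = m["rest"].split()
        if "description" in opts:
            # Free text after "description" must not be read as keywords.
            opts = opts[:opts.index("description")]
        if "no-proxy-arp" in opts or "inactive" in opts:
            continue  # already fixed, or the rule is disabled
        findings.append({"line": lineno, "object": m["real"],
                         "interfaces": (m["real_if"], m["mapped_if"])})
    return findings

# Constructed sample configuration; object names are illustrative only.
SAMPLE_CONFIG = """\
nat (inside,outside) source static obj_Internal obj_Internal no-proxy-arp route-lookup
nat (inside,dmz) source static obj_Servers obj_Servers
nat (inside,outside) source static obj_Web obj_Web_Public
nat (inside,outside) after-auto source dynamic any interface
nat (dmz,outside) 1 source static obj_Dmz obj_Dmz destination static obj_Vpn obj_Vpn route-lookup
"""

if __name__ == "__main__":
    for f in find_proxy_arp_identity_nat(SAMPLE_CONFIG):
        print("line %(line)d: identity NAT for %(object)s lacks no-proxy-arp" % f)
```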

Call Manager Express – Class of Restriction (COR) Lists

Posted 2012/09/11 by packetfu
Categories: Cisco, Technology

I spend most of my time as a voice engineer dealing with Call Manager and Contact Center Express, but once in a while I get thrown a “small” problem involving Call Manager Express.  CME is generally deployed for smaller customers (<100 phones) who don’t need all the fancy features or capacity offered by full-blown Call Manager.  Unfortunately, most of my customers are fairly large so I don’t get to play with CME often.

A few weeks ago I had some spare cycles so I was tossed into a case for a customer having issues with their CME and some FXO lines.  Summary: they have 8 FXO lines, 6 of which are in a hunt group, and 2 need to be assigned for 2 specific individuals at the company.  The hunt group configuration was tricky, but let’s focus on the 2 extra lines.  They want these FXO ports set up so that User1 and User2 always use 0/2/1 and 0/2/2 (respectively) for outbound calls, so that when people call back they get the right person.  This would be a piece of cake in UCM: create a special partition and CSS for each of those users, add route patterns pointing to the correct FXO as the gateway, and apply the CSS to the user phones.  15 minutes of work, tops.  Except CME doesn’t have Partitions and Calling Search Spaces.

Is this thing on?

Posted 2011/12/29 by packetfu
Categories: Personal

Wow, guess it’s been a while. Kind of lost track of the last time I posted here until mom reminded me – I installed the WordPress app on my Thunderbolt (woot, 4G) and saw that the last post was Nov. 23, 2010. Shoot, over a year. I’m such a slacker.

Amazingly I still get a fair number of page views for some reason. The most popular post for the last year has been my rant about Microsoft Visio crashing because of a bluetooth add-in. It actually used to rank above the official Microsoft KB article on the issue for several months in a row and still bounces to the top spot once in a while. The second most popular post now (used to be #1) is my Volvo Sunroof Repair post that details how to replace the selector gate in a sunroof. This one is probably popular due to the expensive nature of sunroof repairs and lack of warranty coverage. Most dealers won’t even give an estimate without $200 to investigate.

Educational Efficiency

Posted 2010/11/23 by packetfu
Categories: Rant, Technology

I work for a fairly large technology partner, and I deal with quite a few government and educational entities. I understand that they need to go through extra steps to ensure they are spending public funds in the best possible way and maintain accountability. Most of the time it is just an annoyance, but once in a while I run across a shining gem of bureaucracy that makes me shake my head more than usual.

If you’re a publicly funded school (K-12, community college, etc), this is generally what you need to do in order to purchase equipment for network infrastructure:

  1. Determine through some means that you need to buy/upgrade something
  2. Approach vendor/partner to put together a high level design and determine equipment needed
  3. Write an RFP with list of said equipment and post in a public place
  4. Wait for minimum number of bidders to respond
  5. Pick best price and order

Sounds pretty fair and logical, right? The whole process probably takes a minimum of 4-6 weeks, maybe longer for large or complex projects.

Now this is where it gets stupid. In Texas there is something called the DIR contract. Every year, technology vendors from all fields apply for this contract, which involves pre-negotiated pricing and discounts on hardware and services. Once you get your contract number, you can sell approved equipment and services to nearly any state entity without the need for bidding. The customer knows they are getting the best price, and that the company they are buying from has already been through a vetting process. It takes months of paperwork to get this contract, but it is worth it for technology companies because it saves a LOT of time when dealing with state and local government and education.

So go back to the process in paragraph 2 and you’ll realize why I got so annoyed when I get an RFP on my desk with an exact list of part numbers required, and they just want a price per item then a total price. This list came out of a configuration tool, meaning that a partner or vendor already went through the trouble of building a configuration (with pricing included) and provided this list to the school. The school then copy/pasted this list into a Word document, stripped out the pricing, and sent it out for companies to bid on. You know what they’ll get? 5 responses, 3 of which will be from companies on the DIR contract, and 2 from random vendors that will be tossed out because they can’t come close on price. The 3 vendors will all have the same price, and the decision will come down to flipping a coin twice or pulling a name out of a hat.

Healthcare Fail

Posted 2010/08/22 by packetfu
Categories: Personal, Politics, Rant

It amazes me that people still don’t “get it” when it comes to health care and why the system in the United States sucks so bad. It seems like the people who are whining about the government getting involved in healthcare are either wealthy enough that they can buy any insurance they want, they get insurance through their employer that is sufficient for their needs, or they simply never get sick. I can’t imagine any other reason which would make people so oblivious to what is going on around them.

I have a friend who just turned 21 and she suffers from a few “girl problems” – cysts, hormones, etc. She doesn’t live with her parents anymore and doesn’t have a job that provides health insurance, but she makes enough money that she doesn’t live in poverty. Unless of course you want to buy your own health insurance, and at $400/mo or more for decent coverage, that’s worse than a car payment. Also, until the new health care regulations go into place, she would probably be excluded due to preexisting conditions.

Since the surgery and other treatments are so expensive, her doctor pretty much told her “You’ll just have to put up with it for now, and if one of the cysts ruptures it’ll become a life and death situation then you can get the surgery for free”. Yeah, stuff like this happens every day – people can’t afford preventive medicine, so they have to wait until it’s so bad that an emergency room can’t turn them away. Not only does it make life miserable for them, it risks death, and by the time that point comes the cost to fix the problem is much higher.

If someone can’t afford $5,000 to fix a problem, they certainly can’t afford $10,000 after the emergency room visit, which will most likely result in temporary or permanent loss of wages. Are people so blind that they can’t see this happening? Or so selfish that they don’t care unless it happens to their family or friends? Personally I would rather pay a little more now than have to pay a lot later, which is the whole idea of insurance.

NOT having health insurance for every citizen is one of the many factors slowly dragging us into debt year by year. Hell, every state in the country requires car insurance, and they regulate said car insurance to make sure people aren’t being gouged. Why is it such a big deal to do this with health insurance?

Moto Droid gets Froyo

Posted 2010/08/11 by packetfu
Categories: Technology

Around 5 am this morning my Droid popped up with a system update: 2.2 was finally here!  Of course I had to install it immediately and see what kind of new goodies were available.  I haven’t had a lot of time to play with it but here are some first impressions and highlights:

  • More home screens – five instead of three now, and a quick navigation bar at the bottom to get around.
  • Quick button – instead of just the little app tab, there is a button at the bottom of the screen with quick access to Phone, Apps, and Browser. Long pressing the App button brings up a snapshot of all five home screens.
  • Phone – there is now a Favorites tab with your most accessed contacts.
  • USB tethering!
  • Camera – load time is much faster, and the pullout menu to adjust flash, focus etc. has been replaced with small buttons on the main screen.  You can easily adjust flash, timer, white balance, zoom and GPS.
  • Gallery – fixed an annoying bug where web album photos took forever to load.
  • Multitasking – long pressing the home button now brings up eight apps instead of six.  Minor improvement, but how long did the iPhone wait for task switching?
  • Swype – still not available by default on the Droid, but I am on the beta program. I had to reinstall Swype because it detected the OS was different and refused to work. The keyboard would show but tracing resulted in zero output.  After grabbing the installer again and reinstalling it worked fine.
  • Exchange Mail – typing an address in the To: field now searches the Global Address List (GAL), but you still cannot just do a GAL search. Yes, better than no GAL at all, but it would be nice to have full search capabilities so you can view other contact information (phone, fax, address, etc) and add the contact to your local contact list. Touchdown is still my app of choice for Exchange mail.

The responsiveness is as good or better than 2.1, though there are some apps that seem to lag a bit at times (Touchdown, Dolphin Browser HD). This is probably just a result of some APIs that the developers need to update. Overall a good experience though!

Technology is Cool

Posted 2010/07/28 by packetfu
Categories: Technology

I was driving through the middle of west Texas a couple nights ago (boring) and came upon a flat area with dozens of flashing red lights spread across the horizon.  The pattern was odd – off, flash-flash-flash, off – so I couldn’t figure out what it was.  Radio towers just flash on and off, plus it wouldn’t make sense to have so many so close together.

So I take out the Droid, open Maps and zoom to my location. Turn on the satellite layer, and look around – bam, three-bladed shadows. Wind turbines!  It turns out the flash-flash-flash was caused by the rotors moving in front of the lights while they were on, which I eventually saw a few miles down the road when they were close enough to spot in the moonlight. You can’t deny that is cool, and it will only become more common.  Heck, in five or ten years you might even be able to pull up live satellite images and see yourself driving through.  It’s a good time to be alive.

Antenna Shenanigans

Posted 2010/07/24 by packetfu
Categories: Apple, Rant, Technology

That’s it, I call shenanigans. Ask any electrical engineer about antenna physics and function, and they will tell you Apple is full of it. Two things are very important for antennas – length, and insulation. The length of the antenna is dictated by the wavelength of the signal that you are sending or receiving with that antenna. The antenna should be 1/4, 1/2 or 5/8 (not common) of the full wavelength. Of course you can have a full wavelength antenna but this is typically too large to be practical. If you use the wrong antenna length, you can get current feedback or signal loss. An antenna that works great at 2.4 GHz will not work as well at 5.8 GHz.

Insulation is also very important. If your antenna is grounded or has a current leak, it results in signal loss and unpredictable behavior. If you connect an antenna to earth ground it becomes essentially useless. The same happens if you connect your antenna to any other part of your device, which is why most antennas on consumer devices have some sort of insulation around them. It’s not just for looks! A Faraday cage takes this to the extreme, grounding out all signals and preventing them from moving into or out of the cage.

By touching the bare antenna elements on the iPhone, you are changing the length of the antenna AND causing a current leak between the antennas and the chassis of the phone. The human body is mostly water, so yes, you will attenuate the signal slightly on any phone by holding it. However, touching the elements directly causes a greater effect, and your arm becomes part of the antenna. Of course the effect will vary based on how conductive your body is, which varies by individual and whether your hands are sweaty, oily, etc. This is why some people report problems and some people have no issues. So, basic electrical theory pretty much says Apple is full of it.

Now, instead of trying to fix the problem, Steve Jobs is pulling out the “Hey, this happens to everyone” card. Like I said, any phone will experience *slight* attenuation when you hold it, but not to the degree that some people are experiencing with the iPhone. I have a Blackberry 8830 and Motorola Droid, but neither of them drop so much as a bar regardless of how I hold them. I have no idea how Apple is producing these videos of other cell phones dropping from 5 bars to 0 bars within minutes of holding the phone, but if the effect was that common and pronounced then no one would ever be able to make a phone call while holding their cell phone – and this is obviously not the case.